Comment 1 for bug 1690544

As I wrote in https://bugzilla.gnome.org/show_bug.cgi?id=773233#c2 (that's the bug for the master branch, where GIMP 2.9.x is being made from), I could not reproduce the crash mentioned in the CVE. Probably no surprise, given that CVE was reported against GIMP 2.3.x

However, I'd like to stress that this bug might have been fixed a lot earlier if any of the downstream vendors who noticed it had reported it upstream. Please make sure that every non-Ubuntu-specific bug in Launchpad has a corresponding upstream bug report (adding a reference to thess is what the "Also affects project" link is for), or that an upstream report is made if you can't find one.